Sometimes useful if you're locked out of a machine where you've forgotten your user or root password.
If you've forgotten your encryption password: .... find a dark corner and weep 'cause you probably wont get in without some black magic.
If wanted, you can easily change the existing LUKS password from a running system but that's out of scope for this article, though: How to Change Your LUKS Encryption Passphrase - Make Tech Easier
Boot up live session ... in console mode will do for our purposes, which is a lot faster.
Become root with
"sudo su", (Elive will not prompt for a password) and decrypt the filesystem on the machine you're locked out of (we'll call it "lost-machine" from now on) which, in my case is /dev/sda3.
"cryptsetup luksOpen /dev/sda3 lost-machine"
and enter the decryption password when prompted.
Mount the unencrypted filesystem on "lost-machine" (you'll want the / filesystem where passwords are stored):
"mount /dev/mapper/elive_vg-root_lv /mnt"
- TIP: make use of hitting Tab (autocomplete) after /dev/mapper to show the system names available and to avoid typos.
Check if it is indeed the wanted root filesystem with
"mount" to see if it is indeed mounted "rw". Specifically "w" for write is a necessity to make changes.
chroot into /mnt :
"chroot /mnt "
And you're running your lost-machine as root in single user mode (init 1)
If you don't know the user name on lost-machine do:
"less /etc/group" where you'll probably be wanting the adm: user ... or to show other users do
"less /etc/group |grep 100"
To change the root password simply type
"passwd"and enter a password for root and wait for the
If you need to change a forgotten user password, like in my case for "triantares" you give the same command with the wanted username added:
"passwd triantares"and after entering the new passwords, wait for the success message
And reboot the machine with Ctrl,Altand Del combo.
You'll find the passwords changed as wanted.